package com.qingchi.server.openData;

import com.qingchi.base.common.ConfigMapRefreshService;
import com.socialuni.social.model.common.ResultVO;
import com.qingchi.base.common.ViolationKeywordsService;
import com.qingchi.base.config.redis.RedisUtil;
import com.qingchi.base.constant.AuthType;
import com.qingchi.base.model.account.DevAccountDO;
import com.qingchi.base.model.openData.ThreeUserDO;
import com.qingchi.base.model.user.TokenDO;
import com.qingchi.base.model.user.UserDO;
import com.qingchi.base.modelVO.user.UserDetailVO;
import com.qingchi.base.redis.DistrictRedis;
import com.qingchi.base.redis.TagRedis;
import com.qingchi.base.repository.config.HomeSwiperRepository;
import com.qingchi.base.repository.district.DistrictRepository;
import com.qingchi.base.repository.log.FrontErrorLogRepository;
import com.qingchi.base.repository.openData.DevAccountRepository;
import com.qingchi.base.repository.openData.ThreeUserRepository;
import com.qingchi.base.repository.openData.UnionIdRepository;
import com.qingchi.base.repository.tag.TagRepository;
import com.qingchi.base.repository.user.AccountRepository;
import com.qingchi.base.repository.user.TokenRepository;
import com.qingchi.base.service.ChatUserService;
import com.qingchi.base.service.LoginService;
import com.qingchi.base.service.TagService;
import com.qingchi.base.service.TalkQueryService;
import com.qingchi.base.store.TagStoreUtils;
import com.qingchi.base.utils.TokenUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;

import javax.annotation.Resource;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import java.util.Optional;

//授权用户信息
@RestController
@RequestMapping("user")
public class OpenAuthUserInfoController {

    @Resource
    private UnionIdRepository contentUnionIdRepository;

    @Resource
    private TagRepository tagRepository;
    @Resource
    private TagStoreUtils tagQueryRepository;
    @Resource
    private TagRedis tagRedis;
    @Resource
    private DistrictRepository districtRepository;
    @Resource
    private ViolationKeywordsService violationKeywordsService;
    @Resource
    private ConfigMapRefreshService configMapRefreshService;
    @Resource
    private RedisUtil redisUtil;
    @Resource
    private ChatUserService chatUserService;
    @Resource
    private HomeSwiperRepository homeSwiperRepository;
    @Resource
    private TagService tagService;

    @Resource
    private DistrictRedis districtRedis;
    @Resource
    private TalkQueryService talkQueryService;
    @Resource
    private LoginService loginService;
    @Resource
    private FrontErrorLogRepository frontErrorLogRepository;
    @Resource
    private AccountRepository accountRepository;
    @Resource
    private DevAccountRepository devAccountRepository;
    @Resource
    private RestTemplate restTemplate;

    @Resource
    private TokenRepository tokenRepository;
    @Resource
    private ThreeUserRepository threeUserRepository;


    //app端，小程序端，微信和qq登陆的接口，传入第三方返回的基础信息，昵称等，没有手机号，Provider = 'weixin' | 'qq'
    @PostMapping("authUserInfo")
    public ResultVO<ThreeAuthUserInfoResultVO> authUserInfo(UserDO user, @RequestBody @Valid @NotNull ThreeAuthUserInfoQueryVO authVO, Integer devId) {
        //等于校验了，devId，
        //目前只有清池可以授权
        if (!devId.equals(1)) {
            return new ResultVO<>("不允许授权");
        }

        String threeSecretKey = authVO.getThreeSecretKey();

        //还能知道密钥是否被盗用
        //校验密钥是否正确
        Optional<DevAccountDO> devAccountDOOptional = devAccountRepository.findFirstBySecretKey(threeSecretKey);

        if (!devAccountDOOptional.isPresent()) {
            return new ResultVO<>("不存在的开发者商户");
        }

        DevAccountDO threeDevDO = devAccountDOOptional.get();

        Integer threeDevId = threeDevDO.getId();

        //只是记录一个授权记录
        ThreeUserDO threeUserDO = new ThreeUserDO(threeDevId, authVO.getThreeUserId(), devId, user.getUserId(), authVO.getProviderAppId(), authVO.getProviderType(), AuthType.user);

        threeUserDO = threeUserRepository.save(threeUserDO);
        //token有效期三个月
        //生成userToken
        String userToken = TokenUtils.generateTokenById(user.getId(), threeDevDO.getDevNum());
        TokenDO tokenDO = tokenRepository.save(new TokenDO(userToken, user.getId(), threeDevDO.getId()));
        //生成返回对象
        ThreeAuthUserInfoResultVO threeAuthUserInfoResultVO = new ThreeAuthUserInfoResultVO();
        threeAuthUserInfoResultVO.setTokenCode(tokenDO.getTokenCode());
        //应该使用三方devId，设置用户信息
        threeAuthUserInfoResultVO.setUser(new UserDetailVO(user, true, threeDevId));
        return new ResultVO<>(threeAuthUserInfoResultVO);
        //然后三方应用就能拿着这个用户token获取用户的数据了。

        //校验token的逻辑，


        //允许授权才授权，不允许直接返回，为什么要记录不允许次数呢？现在不需要，如果以后有乱申请授权的可以记录
        //也可以每个都记录 ，以后加这个功能吧，记录每次授权是否成功等等

        //得到对方的对方的key


        //要知道授权给了谁，
        //还有他授权的用户列表

        //授权历史

        //授权用户列表

        // 商户id，用户列表，权限全部，三方信息

        // 商户id，被授权商户id，授权用户，时间，授权权限，全部


        //保存

    }

    @PostMapping("authUserPhoneNum")
    public ResultVO<ThreeAuthUserPhoneNumResultVO> authUserPhoneNum(UserDO user, @RequestBody @Valid @NotNull ThreeAuthUserInfoQueryVO authVO, Integer devId) {
        //等于校验了，devId，
        //目前只有清池可以授权
        if (!devId.equals(1)) {
            return new ResultVO<>("不允许授权");
        }

        String threeSecretKey = authVO.getThreeSecretKey();

        //还能知道密钥是否被盗用
        //校验密钥是否正确
        Optional<DevAccountDO> devAccountDOOptional = devAccountRepository.findFirstBySecretKey(threeSecretKey);

        if (!devAccountDOOptional.isPresent()) {
            return new ResultVO<>("不存在的开发者商户");
        }

        DevAccountDO threeDevDO = devAccountDOOptional.get();

        //只是记录一个授权记录
        ThreeUserDO threeUserDO = new ThreeUserDO(threeDevDO.getId(), authVO.getThreeUserId(), devId, user.getUserId(), authVO.getProviderAppId(), authVO.getProviderType(), AuthType.phone);

        threeUserDO = threeUserRepository.save(threeUserDO);
        //token有效期三个月
        //生成userToken
        //生成返回对象
        ThreeAuthUserPhoneNumResultVO threeAuthUserInfoResultVO = new ThreeAuthUserPhoneNumResultVO();
        threeAuthUserInfoResultVO.setPhoneNum(user.getPhoneNum());
        return new ResultVO<>(threeAuthUserInfoResultVO);
        //然后三方应用就能拿着这个用户token获取用户的数据了。

        //校验token的逻辑，


        //允许授权才授权，不允许直接返回，为什么要记录不允许次数呢？现在不需要，如果以后有乱申请授权的可以记录
        //也可以每个都记录 ，以后加这个功能吧，记录每次授权是否成功等等

        //得到对方的对方的key


        //要知道授权给了谁，
        //还有他授权的用户列表

        //授权历史

        //授权用户列表

        // 商户id，用户列表，权限全部，三方信息

        // 商户id，被授权商户id，授权用户，时间，授权权限，全部


        //保存

    }
}
